Identity and Security Business Group Director Joe Licari discusses FPE and the road ahead for Business Ready Security.
Today at the TechEd Europe conference, in conjunction with the launch of Exchange Server 2010, Microsoft launched Forefront Protection 2010 for Exchange Server. The product and evaluation software is available now.
Part of our Business Ready Security strategy, Forefront Protection for Exchange (FPE) offers multiple anti-malware engines for 38 times faster detection than single engine solutions, and 99% guaranteed spam protection with only one in 250,000 spam false positives. Customers also have the choice of using the hosted Forefront Online Protection for Exchange service, or both offerings together for defense-in-depth.
Like all of our Forefront solutions, FPE is designed to help companies balance the needs of business with security requirements. Email is an extremely critical application, of course, and it presents challenges to both businesspeople and IT managers. Employees (and non-employees) needs secure access to messaging and documents from anywhere, as well as a spam-free inbox and protection from malware. On the other hand, IT must manage multiple sites and devices, ensure information protection and compliance, and ward off financially-motivated threats.
Combined with Exchange 2010 and other Microsoft identity and security technologies, FPE is part of Microsoft’s comprehensive solution for secure messaging. (It’s worth watching a video presentation on the whole solution here, in fact.)
New features in Forefront Protection 2010 for Exchange Server include:
· Premium antispam protection, with 99% detection rate, less than 1 in 250,000 false positives, and backscatter filtering
· New user interface with dashboard view of detection statistics and health monitoring
· Antispyware scanning provided by the Microsoft Antimalware Engine
· Support for Exchange 2010, Windows PowerShell, and Hyper-V
· Standardized installation using MSI installer
Already a number of customers have deployed FPE with success. Quotes from two:
“Forefront Protection 2010 for Exchange Server goes hand-in-hand with Exchange Server 2010. We wouldn’t put anything else for e-mail security on our Exchange Server 2010.” Jonathan Wynn, IT Manager– Del Monte Foods.
“Implementing Forefront Protection 2010 for Exchange Server was an easy decision for us following the success of our previous Forefront Security for Exchange Server implementation.” George Podolak, Director of IT, Pei Cobb Freed & Partners
Windows Identity Foundation (formerly called code name Geneva framework) is a new Microsoft .NET Framework technology that gives developers a programming model and SDK to create new advanced identity capabilities in .NET applications. It provides developers pre-built .NET security logic for building claims-aware applications, enhancing either ASP.NET or WCF applications. Windows Identity Foundation makes it easeir to build richer, more secure applications (cloud and on-premise) without being a security and identity expert. It will boost developer productivity, as a result, and enhance app security through a standard approach to federation, strong authentication and identity delegation.
The RC is available here.
Look for more information about "WIF" coming out of Microsoft's Professional Developer Conference, the week of Nov 16.
A reminder from the Forefront Server Security blog.
As we announced on July 1, 2009, Microsoft is revising its engine mix on Dec. 1, 2009 for the Forefront and Antigen products. This change will allow customers to utilize a set of engines that help optimize detection, while also allowing us to invest in new areas for increasing overall protection for customers.
Antimalware Protection
The AhnLab, CA, and Sophos engines will be retired on Dec. 1, 2009. After December 1st, customers will not receive any updates for these retired engines. In order to make sure your Antigen and Forefront products continue to scan efficiently and effectively for malware, any customers running the AhnLab, CA, or Sophos engines must DISABLE these engines before Dec. 1, 2009 and select from the new set of five engines – Authentium, Kaspersky, Microsoft, Norman, and VirusBuster.
SPECIAL NOTE: Antigen for SharePoint 8.0 and Antigen for Instant Messaging 8.0 customers – In order to gain access to the new engine set and provide optimal protection for your messaging and collaboration environments, please download the Service Pack 1 releases of these products on the MVLS or VLSC site prior to Dec. 1, 2009. The updates for the new engine set will use a new update infrastructure as of Dec. 31, 2009 – the Service Pack 1 releases will allow you to continue to receive updates correctly from their new location.
For more information about Service Pack 1 for Antigen for SharePoint and Antigen for IM, see the following KB article:
http://support.microsoft.com/kb/975850/
- SPECIAL NOTE: Antigen for Exchange 8.0 and Antigen for SMTP Gateways 8.0 customers –These products will end of life on Dec. 31, 2009. Customers must upgrade to Antigen 9.0 SP2 for Exchange before this date, as the product will no longer continue to receive anti-malware updates starting Jan. 1, 2010. With the retirement of the CA, Sophos, and AhnLab engines on Dec. 1, customers running Antigen for Exchange 8.0 or Antigen SMTP Gateways 8.0 will only be protected by the Norman engine. For customers who need to continue using this product between Dec. 1, 2009 and the end-of-life date of Dec. 31, 2009, please contact Forefront Contract Administration for access to the revised engine set.
For more information on upgrading your Antigen for Exchange 8.0 or Antigen for SMTP Gateways 8.0 to Antigen 9.0, see the following KB article:
http://support.microsoft.com/kb/932396/
Antispam Protection
One of the most important changes in our engine revision strategy is moving to the Cloudmark antispam engine*, which provides 99%+ detection rate and less than 1 in 250,000 false positives (West Coast Labs).
The Mail-Filters SpamCure antispam engine will be retired on Dec. 1, 2009. Customers using Antigen products for antispam protection must upgrade to the latest service pack releases listed below BEFORE DEC. 1, 2009 to maintain their antispam defenses. This is the only way to gain access to the new Cloudmark engine. The service packs can be accessed on the Microsoft MVLS and VLSC sites:
- Antigen for Exchange Server with Antigen Spam Manager 9.0 with SP2
- Antigen for SMTP Gateways with Antigen Spam Manager 9.0 with SP2
For more information on the engine revision strategy, see the Antimalware Engine Notifications and Developments Web page or contact Forefront Contract Administration . Again, we strongly urge all customers to update to the newest service packs before Dec. 1, 2009 to get the full protection benefits of the Forefront and Antigen server products.
*Please note: Customers using Forefront Security for Exchange Server will get access to the Cloudmark engine in the next version release – Forefront Protection 2010 for Exchange Server – scheduled to be available in Q4 CY09.
Brita Jenquin
Sr. Product Manager
Cristian Mora Aguilar, Forefront Technical PM, starts off by briefly telling us about Microsoft's secure messaging solution and what business problems it resolves. He then gives us a screencast / demo of some of the cool scenarios enabled and problems solved with the secure messaging solution. Find out how Microsoft products help secure Microsoft Exchange Server.
http://edge.technet.com/Media/Forefront-Secure-Messaging-screencast-and-interview/